<?php
	//written by Slyferz
	//taking the login information, putting it into a session variable, and immediately going to the next page.
	if(!empty($_POST["pass"]) && !empty($_POST["uname"]))
	{
		$query  = "SELECT userid FROM userinfo WHERE pass = '".sha1($_POST["pass"])."' && name = '".$_POST["uname"]."'";
		$result = mysql_query($query);
		$row = mysql_fetch_array($result);

		if(!empty($row[0]))
		{
			$_SESSION["userid"] = $row[0];
			mysql_query("DELETE FROM antispam WHERE ip = '".mysql_escape_string($_SERVER['REMOTE_ADDR'])."';");
			header("Location: http://".$_SERVER['HTTP_HOST']."/index2.php");
		}
		else
		{
			header("Location: http://".$_SERVER['HTTP_HOST']."/index2.php?page=denied");
		}
	}
	else
	{	
		header("Location: http://".$_SERVER['HTTP_HOST']."/index2.php?page=denied");
	}
?>	
